tengqm commented on code in PR #5995:
URL: https://github.com/apache/gravitino/pull/5995#discussion_r1897510667
##########
core/src/main/java/org/apache/gravitino/credential/CatalogCredentialContext.java:
##########
@@ -35,4 +35,27 @@ public CatalogCredentialContext(String userName) {
public String getUserName() {
return userName;
}
+
+ @Override
+ public int hashCodeIgnoreUser() {
+ return 9999;
Review Comment:
?
##########
core/src/main/java/org/apache/gravitino/credential/CatalogCredentialContext.java:
##########
@@ -35,4 +35,27 @@ public CatalogCredentialContext(String userName) {
public String getUserName() {
return userName;
}
+
+ @Override
+ public int hashCodeIgnoreUser() {
+ return 9999;
+ }
+
+ @Override
+ public boolean equalsIgnoreUser(Object o) {
+ if (this == o) {
+ return true;
+ }
+ if (o == null || !(o instanceof CatalogCredentialContext)) {
+ return false;
+ }
+ return true;
Review Comment:
Do we need more checks before returning `true`?
##########
core/src/main/java/org/apache/gravitino/credential/CredentialUtils.java:
##########
@@ -19,14 +19,74 @@
package org.apache.gravitino.credential;
+import com.google.common.base.Splitter;
import com.google.common.collect.ImmutableSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.function.Supplier;
+import java.util.stream.Collectors;
import org.apache.gravitino.utils.PrincipalUtils;
public class CredentialUtils {
+
+ private static final Splitter splitter = Splitter.on(",");
+
public static Credential vendCredential(CredentialProvider
credentialProvider, String[] path) {
PathBasedCredentialContext pathBasedCredentialContext =
new PathBasedCredentialContext(
PrincipalUtils.getCurrentUserName(), ImmutableSet.copyOf(path),
ImmutableSet.of());
return credentialProvider.getCredential(pathBasedCredentialContext);
}
+
+ public static Map<String, CredentialProvider> loadCredentialProviders(
+ Map<String, String> catalogProperties) {
+ Set<String> credentialProviders =
+ CredentialUtils.getCredentialProvidersByOrder(() -> catalogProperties);
+
+ return credentialProviders.stream()
+ .collect(
+ Collectors.toMap(
+ String::toString,
+ credentialType ->
+ CredentialProviderFactory.create(credentialType,
catalogProperties)));
+ }
+
+ /**
+ * Get Credential providers from properties supplier.
+ *
+ * <p>If there are multiple properties suppliers, will try to get the
credential providers in the
+ * input order.
+ *
+ * @param propertiesSuppliers The properties suppliers.
+ * @return A set of credential providers.
+ */
+ public static Set<String> getCredentialProvidersByOrder(
Review Comment:
We are emphasizing "by order" because there will be a variant which is not
by order?
##########
core/src/main/java/org/apache/gravitino/credential/CredentialCacheManager.java:
##########
@@ -0,0 +1,112 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.gravitino.credential;
+
+import com.github.benmanes.caffeine.cache.Cache;
+import com.github.benmanes.caffeine.cache.Caffeine;
+import com.github.benmanes.caffeine.cache.Expiry;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+import java.util.function.Function;
+import org.apache.gravitino.catalog.CatalogManager;
+import org.checkerframework.checker.index.qual.NonNegative;
+import org.checkerframework.checker.nullness.qual.NonNull;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class CredentialCacheManager<T> {
+ private static final Logger LOG =
LoggerFactory.getLogger(CatalogManager.class);
+
+ // Calculates the credential expire time in the cache.
+ static class CredentialExpireTimeCaculator<T> implements Expiry<T,
Credential> {
+
+ private long credentialMaxCacheTimeInMs = 0;
+
+ public CredentialExpireTimeCaculator(long credentialMaxCacheTimeInMs) {
+ this.credentialMaxCacheTimeInMs = credentialMaxCacheTimeInMs;
+ }
+
+ // Set expire time after add a credential in the cache.
+ @Override
+ public long expireAfterCreate(
+ @NonNull T key, @NonNull Credential credential, long currentTime) {
Review Comment:
Curious about the `@NonNull` annotation ...
Can we use it extensively for validation of null params?
##########
core/src/main/java/org/apache/gravitino/credential/CatalogCredentialManager.java:
##########
@@ -0,0 +1,82 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.gravitino.credential;
+
+import java.io.Closeable;
+import java.io.IOException;
+import java.util.Map;
+import org.apache.gravitino.exceptions.NoSuchCredentialException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Manage lifetime of the credential provider in one catalog, dispatch
credential request to the
+ * corresponding credential provider.
+ */
+public class CatalogCredentialManager implements Closeable {
+
+ private static final Logger LOG =
LoggerFactory.getLogger(CatalogCredentialManager.class);
+
+ private CredentialCacheManager<CredentialCacheKey> cacheManager;
+
+ private final String catalogName;
+ private final Map<String, CredentialProvider> credentialProviders;
+
+ public CatalogCredentialManager(String catalogName, Map<String, String>
catalogProperties) {
+ this.catalogName = catalogName;
+ this.credentialProviders =
CredentialUtils.loadCredentialProviders(catalogProperties);
+ this.cacheManager = new CredentialCacheManager();
+ cacheManager.initialize(catalogProperties);
+ }
+
+ public Credential getCredential(String credentialType, CredentialContext
context) {
+ CredentialCacheKey credentialCacheKey = new
CredentialCacheKey(credentialType, context);
+ return cacheManager.getCredential(credentialCacheKey, cacheKey ->
getCredential(cacheKey));
+ }
+
+ @Override
+ public void close() {
+ credentialProviders
+ .values()
+ .forEach(
+ credentialProvider -> {
+ try {
+ credentialProvider.close();
+ } catch (IOException e) {
+ LOG.warn(
+ "Close credential provider failed, catalog: {}, credential
provider: {}",
+ catalogName,
+ credentialProvider.credentialType(),
+ e);
+ }
+ });
+ }
+
+ public Credential getCredential(CredentialCacheKey credentialCacheKey) {
+ String credentialType = credentialCacheKey.getCredentialType();
+ CredentialContext context = credentialCacheKey.getCredentialContext();
+ LOG.info("try get credential, credential type: {}, context: {}",
credentialType, context);
Review Comment:
Remove this in the final version?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@gravitino.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
